Using a comma in rules for spam

You will need a separate condition for each word. Make sure the setting at the top is "any" rather than "all".

I don't think evil spambots pick up PDFs. Your address may be sitting in the address book of some caeless Windoze user whose machine has been infected.

AK

The rule would interpret the 'content contains' field literally, evaluating to true only if a message contained an exact match to the entire text string, including commas. You would have to add individual rule conditions for each variation & set the rule to the 'any of' option for the rule to do what you want.

But this isn't going to be very effective since there are endless variations for words like this. Basically, Mail's rules aren't sophisticated enough for this kind of keyword content search, lacking support for complex logical statements or grep-like string evaluations. But even if it supported this, simple keyword methods aren't very effective for spam detection, which is why better methods like Bayesian spam filtering have been developed. Apple's Junk Filter uses a related approach, called Latent Semantic Analysis, which is -- in theory, at least -- the most effective approach yet devised.

I see three alternatives for you to consider:

1. Write your own keyword rule(s) using AppleScript to leverage better logical tools.

2. Replace or augment Apple's Junk Filter with a Bayesian filter like SpamSieve.

3. Improve Apple's Junk Filter's performance:
- a. Check your "Previous Recipients" list & remove entries that shouldn't be there.
- b. Consider removing the 'addressed to my full name' test, since spammers sometimes find this info online.
- c. Reset the filter. This removes any training, including any errors that may be confusing it.
- d. Trash the LSMMap2 file in ~/Library/Mail/, which can get corrupted. (This is like "c" above, but sometimes more effective.)

Regarding spammers getting your email address, there are any number of ways this can happen. They may have found it online. It may have been obtained through a virus attack or similar on a friend's or colleague's Window PC that compromises their address book. Some business you furnish contact information to may have sold it or had it hacked. Or, it simply may be generated by a program that tries thousands of possible email addresses.

The junk filter isn't working properly in your case, so you must fix that rather than trying to outsmart it with custom rules. R C-R has already explained where the problem might be and what to do about it.

As to why are you receiving spam, and what to do about it, you may want to read the following articles, which are applicable to any mail account (not just .Mac), and any mail client (not just Mail):

Why was I "spammed" at my .Mac Mail address?
How HTML Email Messages Relate to Unsolicited Commercial Email ("spam")

Also, why do you people keep bouncing spam?

If the spammer's address is bogus and the bounces don't reach the destination, as is often the case, bounces are just a waste of time and bandwith, plus a source of problems, because in all likelihood they'll be bounced back to you. If the original spam messages or the returned bounces are malformed, for example, Mail may end up being unable to handle the situation properly.

If the bounce reaches the destination, then it's even worse, because you're either (1) telling the spammer that your address is valid and that you're willing to spend time on his/her/its junk, or (2) contributing to the spammer's effort by sending his/her/its junk to the innocent whose address was stolen for sending it (and who, in turn, might end up posting in a forum such as this wondering why does he/she receive bounces for messages he/she hasn't sent).

So what exactly is the point of bouncing spam? Don't you have anything better to do with your time?